cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ISmith
Level 10
Report Inappropriate Content
Message 1 of 13

ePO console unavailable after upgrade to 5.10.11

It seems the internally signed certificate was not transferred. I was able to rollback to 5.10 CU10.

Does anyone know a way around this?

This KB Does not apply: KB81737

 

stderr log

Oct 26, 2021 4:15:02 PM org.bouncycastle.jsse.provider.ProvTlsClient notifyAlertRaised
INFO: Client raised fatal(2) bad_certificate(42) alert: Failed to read record
org.bouncycastle.tls.TlsFatalAlert: bad_certificate(42)
at org.bouncycastle.jsse.provider.ProvTlsClient$1.notifyServerCertificate(Unknown Source)
at org.bouncycastle.tls.TlsUtils.processServerCertificate(Unknown Source)
at org.bouncycastle.tls.TlsClientProtocol.handleServerCertificate(Unknown Source)
at org.bouncycastle.tls.TlsClientProtocol.handleHandshakeMessage(Unknown Source)
at org.bouncycastle.tls.TlsProtocol.processHandshakeQueue(Unknown Source)
at org.bouncycastle.tls.TlsProtocol.processRecord(Unknown Source)
at org.bouncycastle.tls.RecordStream.readRecord(Unknown Source)
at org.bouncycastle.tls.TlsProtocol.safeReadRecord(Unknown Source)
at org.bouncycastle.tls.TlsProtocol.blockForHandshake(Unknown Source)
at org.bouncycastle.tls.TlsClientProtocol.connect(Unknown Source)
at org.bouncycastle.jsse.provider.ProvSSLSocketDirect.startHandshake(Unknown Source)
at org.bouncycastle.jsse.provider.ProvSSLSocketDirect.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.jav...)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1570)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1498)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:352)
at com.mcafee.epo.supportcenter.service.rest.httpclient.HttpUrlClient.validateHttpResponse(HttpUrlClient.java:367)
at com.mcafee.epo.supportcenter.service.rest.httpclient.HttpUrlClient.getResponseString(HttpUrlClient.java:395)
at com.mcafee.epo.supportcenter.service.rest.httpclient.HttpUrlClient.getSupportSnsFromItFeeder(HttpUrlClient.java:244)
at com.mcafee.epo.supportcenter.service.SupportCenterService.downloadSns(SupportCenterService.java:143)
at com.mcafee.epo.supportcenter.command.DownloadSnsCommand.invoke(DownloadSnsCommand.java:74)
at com.mcafee.orion.core.cmd.CommandInvoker.invoke(CommandInvoker.java:1275)
at com.mcafee.orion.core.cmd.CommandInvoker.invokeCommand(CommandInvoker.java:1000)
at com.mcafee.orion.core.cmd.CommandInvoker.invoke(CommandInvoker.java:969)
at com.mcafee.orion.core.cmd.CommandInvoker.invoke(CommandInvoker.java:946)
at com.mcafee.orion.scheduler.chainable.Chain.invokeChain(Chain.java:434)
at com.mcafee.orion.scheduler.chainable.Chain.invokeChain(Chain.java:471)
at com.mcafee.orion.scheduler.chainable.Chain.invokeChain(Chain.java:380)
at com.mcafee.orion.scheduler.chainable.Chain.invoke(Chain.java:61)
at com.mcafee.orion.core.cmd.CommandInvoker.invoke(CommandInvoker.java:1275)
at com.mcafee.orion.scheduler.service.ScheduledTaskManagerImpl.runTask(ScheduledTaskManagerImpl.java:1582)
at com.mcafee.orion.scheduler.service.ScheduledTaskManagerImpl.runValidatedTaskInvocation(ScheduledTaskManagerImpl.java:1553)
at com.mcafee.orion.scheduler.service.ScheduledTaskManagerImpl.runValidatedTaskInvocation(ScheduledTaskManagerImpl.java:1507)
at com.mcafee.orion.scheduler.service.ScheduledTaskManagerImpl.execute(ScheduledTaskManagerImpl.java:1318)
at com.mcafee.orion.task.queue.TaskQueueEngine.runTask(TaskQueueEngine.java:861)
at com.mcafee.orion.task.queue.TaskQueueEngine.runTask(TaskQueueEngine.java:843)
at com.mcafee.orion.task.queue.TaskQueueEngine.lambda$submitTasks$9(TaskQueueEngine.java:813)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)

Labels (1)
12 Replies
cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 13

Re: ePO console unavailable after upgrade to 5.10.11

That is not necessarily a relevant error, as it is only referring to supportcenter activities reaching out to external sites.  How was it unavailable?  Are things working now?  Were all the services started?

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

ISmith
Level 10
Report Inappropriate Content
Message 3 of 13

Re: ePO console unavailable after upgrade to 5.10.11

How about these records from orion log?

 

2021-10-26T15:45:40,149 ERROR [scheduler-InternalTask-thread-14] httpconnections.ApacheClientApiManager - Proxy is not enabled ,failed to connect via proxy
2021-10-26T15:45:40,259 ERROR [scheduler-InternalTask-thread-14] compatibility.DownloadCompatibilityData - downloadFile : certificate_unknown(46)
2021-10-26T15:49:14,626 ERROR [https-jsse-nio-8444-exec-3] server.OrionLoginModule - Error occured while updating last logon time in the database
2021-10-26T15:49:14,693 ERROR [https-jsse-nio-8444-exec-4] server.OrionLoginModule 41 - Error occured while updating last logon time in the database
2021-10-26T15:49:14,783 ERROR [https-jsse-nio-8444-exec-9] server.OrionLoginModule - Error occured while updating last logon time in the database
2021-10-26T15:49:14,819 ERROR [https-jsse-nio-8444-exec-10] server.OrionLoginModule 41 C0D3CE1449586ACF2BC9935EA32A1261.route1 - Error occured while updating last logon time in the database
2021-10-26T15:49:14,891 ERROR [https-jsse-nio-8444-exec-15] server.OrionLoginModule - Error occured while updating last logon time in the database
2021-10-26T15:49:14,925 ERROR [https-jsse-nio-8444-exec-16] server.OrionLoginModule 41 25970B2A49872A8B28BADD47E0E8C824.route1 - Error occured while updating last logon time in the database
2021-10-26T15:56:00,902 ERROR [https-jsse-nio-8444-exec-22] server.OrionLoginModule 40 18CD610800214BEE654B471910C1B63C.route1 - Error occured while updating last logon time in the database
2021-10-26T15:56:01,444 ERROR [https-jsse-nio-8444-exec-23] server.OrionLoginModule 42 - Error occured while updating last logon time in the database
2021-10-26T15:56:01,605 ERROR [https-jsse-nio-8444-exec-3] server.OrionLoginModule - Error occured while updating last logon time in the database
2021-10-26T15:56:01,639 ERROR [https-jsse-nio-8444-exec-5] server.OrionLoginModule 42 - Error occured while updating last logon time in the database
2021-10-26T15:56:01,718 ERROR [https-jsse-nio-8444-exec-9] server.OrionLoginModule - Error occured while updating last logon time in the database
2021-10-26T15:56:01,754 ERROR [https-jsse-nio-8444-exec-10] server.OrionLoginModule 42 5823C3B92F367BC3DB7FCD41F53BCA96.route1 - Error occured while updating last logon time in the database
2021-10-26T15:59:42,365 ERROR [scheduler-InternalTask-thread-12] engine.InternalTaskWrapper - Unhandled exception thrown by InternalTask telemetry.data.collector.task
java.lang.NullPointerException: null
at com.mcafee.EPOAGENTMETA.pip.TelemetryDataCollector.mergeJsonDataFromClient(TelemetryDataCollector.java:528) ~[?:?]
at com.mcafee.EPOAGENTMETA.pip.TelemetryDataCollector.retrieveTelemetryDataFromEpo(TelemetryDataCollector.java:405) ~[?:?]
at com.mcafee.EPOAGENTMETA.pip.TelemetryDataCollector.run(TelemetryDataCollector.java:197) ~[?:?]
at com.mcafee.orion.scheduler.engine.InternalTaskWrapper.run(InternalTaskWrapper.java:26) [scheduler.jar:202109280152]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [?:1.8.0_301]
at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) [?:1.8.0_301]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) [?:1.8.0_301]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) [?:1.8.0_301]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_301]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_301]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_301]
2021-10-26T16:00:32,253 ERROR [scheduler-TaskQueueEngine-thread-2] db.DbCpuCheck - DbCpuCheck failed. No result found for cpu usage
2021-10-26T16:00:45,723 ERROR [scheduler-TaskQueueEngine-thread-2] db.DbMemoryCheck - DbMemoryCheck failed. No result found for databsae machine remaining memory

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 13

Re: ePO console unavailable after upgrade to 5.10.11

No, those aren't relevant either.  How exactly was the console unavailable?  Was the application server service started, or was it missing?  Did cu 11 succeed or fail?

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

ISmith
Level 10
Report Inappropriate Content
Message 5 of 13

Re: ePO console unavailable after upgrade to 5.10.11

Sorry, I Was trying to reply the forum deleted my info.

Chrome based browsers claim the connection was reset. I tried without the port and it said I could not access that page. I tried with/out TLS as well. With TLS the browser says there is no certificate.

 

I installed, made sure all services run, rebooted, repaired CU 11 install, rolled back. I repeated the whole process a couple of times to be sure.

ISmith
Level 10
Report Inappropriate Content
Message 6 of 13

Re: ePO console unavailable after upgrade to 5.10.11

Agents checked into Cu 11 as well, which is why I assumed it was a console only issue.

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 13

Re: ePO console unavailable after upgrade to 5.10.11

interesting.  I would love to see all the logs.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 13

Re: ePO console unavailable after upgrade to 5.10.11

Please open a ticket with McAfee and get a mer from epo so we can look at the logs.  Let me know the SR number in private message please.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

ISmith
Level 10
Report Inappropriate Content
Message 9 of 13

Re: ePO console unavailable after upgrade to 5.10.11

Thanks. I will do this in the morning.

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 10 of 13

Re: ePO console unavailable after upgrade to 5.10.11

When you run the mer (mer.mcafee.com), be sure to run it as administrator and do not choose all products.  Choose epo server as the product to collect for.  All products doesn't always get relevant data.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community